Post B3QQtciw62OCPWxcxM by isotopp@infosec.exchange
(DIR) More posts by isotopp@infosec.exchange
(DIR) Post #B3QQtciw62OCPWxcxM by isotopp@infosec.exchange
2026-02-17T17:54:38Z
0 likes, 0 repeats
RE: https://social.tchncs.de/@Lapizistik/116087161953914165I can pull mail addresses out of thin air.My mailer knows about local_part_suffix = +* : -* local_part_suffix_optionalso you can mail to kris@..., but also to kris+keks@... or kris-keks@...They will all go to the kris user account,and there will be X-local-part-suffix: keks set for any mail to kris-keks@....Of course, I don't want all of that in my inbox.:0* ^X-local-part-suffix:.*kris-\/[^@]+$MAILDIR/.special.`echo $MATCH | sed -e 's!([^)]*)!!g' -e 's![^a-zA-Z0-9_-]!_!g' | tr A-Z a-z`/The what:Anything that matches X-local-part-suffix: kris-something@... will be caught by that rule.We take something from the rule, lowercase it, and replace all characters that are not letters or numbers or _ or - with a _. We then push that into the folder INBOX/special/something or whatever that replacement produces.So mail to kris-keks@... goes to the folder INBOX/special/keks. If it doesn't exist we create it.
(DIR) Post #B3QQtdRFRHpocxh11c by isotopp@infosec.exchange
2026-02-17T17:57:32Z
0 likes, 0 repeats
I merge all that together again in a single unread smart mailbox.But the folder is indicated at the top right.So I have a github mail in a github folder – likely legit.Now, a bank mail that is in a supermarket folder – that's fishy. Without even opening it I know I can delete it.
(DIR) Post #B3QQteFERRoj7z4vw0 by isotopp@infosec.exchange
2026-02-17T17:59:49Z
1 likes, 0 repeats
Yeah, about that US immigration requirement."List all your mail addresses"How many lines does that form have?$ ls -ld Maildir/.special* | wc -l2369Because I have a spreadsheet for you.
(DIR) Post #B3QQtf2VUFETao8Hjs by isotopp@infosec.exchange
2026-02-17T18:03:10Z
0 likes, 0 repeats
I can do fun things with mail.# unerwünschte Werbung:0* ^X-local-part-suffix: kris-macheist{ EXITCODE=67 :0 i $BOUNCELOG/}What is that Six-Seven there?/usr/include/sysexits.h:#define EX_NOUSER 67 /* addressee unknown */It is a user-unknown bounce, and a local copy.
(DIR) Post #B3QQtfpmX2eE3dBdXk by isotopp@infosec.exchange
2026-02-17T18:08:31Z
0 likes, 0 repeats
"The mail you are sending your request from, kris@koehntopp.de, is not the mail that is registered for your account, kris-ourcompanyname@koehntopp.de""That is correct. The mail you are sending your answer from, do-not-reply@ourcompanyname.com, is also not the mail address you want me to send my shit to, support@ourcompanyname.com, so what exactly is the problem?"
(DIR) Post #B3QQtggbMetmhRtosC by jti42@infosec.exchange
2026-02-17T18:12:48Z
0 likes, 0 repeats
@isotopp Oh, and my personal favorite is those JS'd "input validations" rejecting my plus-addressed email-adresses as "invalid format" only to f... around with proper email handling and spamming later. Led me to extending the local_part_suffix too.
(DIR) Post #B3QQthWMGEIbHy79Xs by nobody@mastodon.acm.org
2026-02-17T21:53:06Z
0 likes, 0 repeats
@jti42Same@isotopp
(DIR) Post #B3QQtmE6lVfhsoc9IG by isotopp@infosec.exchange
2026-02-17T18:18:23Z
0 likes, 0 repeats
So it's kris-anything@koehntopp.de?Sweet summer child.$ cat transform.pl#! /usr/bin/perl -wmy $srcdomain = qw ( koehntopp.de );my @domains = qw( koehntopp.info .... );...and$ cat virtusertable.in...kris@koehntopp.de krisk.koehntopp@koehntopp.de kriskristian.koehntopp@... kris...and$ cat virtusertablekris@koehntopp.de kriskris@koehntopp.info kris...k.koehntopp@koehntopp.de krisk.koehntopp@koehntopp.info kris...So that spreadsheet for US immigration. How many rows can it have?
(DIR) Post #B3QQudtlDNTuLLVf4i by lazyb0y@mastodon.social
2026-02-17T18:28:57Z
0 likes, 0 repeats
@isotopp IMHO it should be forbidden by law that companies send emails that cannot be replied to…
(DIR) Post #B3QQufJJxpWOiuTaYS by nobody@mastodon.acm.org
2026-02-17T21:53:22Z
0 likes, 0 repeats
@lazyb0yYew@isotopp